>
>>
>> It works when I use literally
>>
>> slapd -h ldapi://%2Ftest%2Ffoobar
>
> I invigilate the behaviour using various combinations of "%2F" and "/".
%2F for '/' is not black magic: it's just URL encoding of chars that have
a special meaning in URLs. '/' is the separator between the "host" and
the "DN" part, so any '/' in the host part (the socket's path name) need
to be escaped.
> just two more questions
>
> 1) is it possible to change socket permissions and/or active
> listeners existence via cn=config?
No.
> 2) What build option enables x-mod= experimental feature ?
Don't use it: it's not portable. The right way to use filesystem
permission on ldapi consists in protecting access to the directory where
the socket is created.
p.